Posted
by
samzenpuson Thursday May 17, 2012 @12:34AM
from the doing-it-faster dept.

Qedward writes "The Metropolitan Police has rolled out a mobile device data extraction system to allow officers to extract data 'within minutes' from suspects' phones while they are in custody. 'Ostensibly, the system has been deployed to target phones that are suspected of having actually been used in criminal activity, although data privacy campaigners may focus on potentially wider use.'"

Everything sent through Cell phones, or land lines goes through a switch site, there it is mirrored, basically copied to giant memory banks for Government use. They may not access it without a search warrant, but you can bet that it's all there. Calls and texts.

Not only that, they're not even a full-fledged EU country, as they still have their own currency; their situation seems to be similar to that of the UK, which most people don't seem to think of as a part of the European Union.

Yeah , but the real burning question is when are these silly fops going to have enough abuse, revolt, and hang Parliament , the royals and the tabloid journalists from the lampposts?
If not, maybe they just like the pain. Hey, maybe some English are just dying to be tied up and have the hide waled off their backsides. Bet they get a stiffie.

Last time that happened England ended up with Cromwell. In any case it's worth waiting to see how the experiment in USA turns out after the terrorists there revolted. So far its not looking promising.

The Metropolitan Police are in London. That's one city. It's the capital city, and it's a pretty big city, so there is a police force that deal with pretty much just that. They don't even deal with the outlying parts of the Greater London area.

If the police in Washington DC rolled this out, would you say "US Police"? No, because that would be stupid. It's one city, not the whole country.

Yeah, because the USA doesn't have something like laws that are valid through the entire country and is able to uphold those. If it can and is done in Michigan, it will never happen anywhere else in the USA, or is it just the first city and will it only be a matter of time for the rest of the USA to have this equipment available as well?

Bear in mind that the UK consists of four different countries and a bunch of principalities, and at least one country - Scotland - has entirely different laws and indeed an entirely different legal system to all the rest. About the only thing we share with the rest of the UK is our currency and our mains voltage.

I've been regretting my decision to travel to Scotland more and more as every single story related to the UK seems to indicate that they want to bring the American definition of "Freedom" into Europe, which is Not Cool (see: SAM sites in freaking London, the Olympics scandal, this story,...).

Your comment gave me a great deal of relief though; but realistically, how much safer are people in Scotland? Doesn't the central UK Ministry of Peace have a way of slowly forcing its rot into its member states, lik

Not safe at all. They die at least 20 years younger of eating and drinking too much/the wrong thing. A diet of Scottish and Newcastle Beer and deep fried Mars Bars is a worse risk than Rapier missiles. And the Glaswegian accent can cause serious brain damage too.how much safer are people in Scotland?

I don't know what the 'Olympics scandal' is. The cost of the thing is a scandal, but then these things always are expensive.

Well, aside from the staggering cost to the taxpayer and particularly the locals who are footing a big chunk of the bill, there is the fact that normal daily life for everyone else who isn't particularly interested is going to get turned on its head for varying periods. How much inconvenience regular people suffer and how much financial loss is incurred by businesses who aren't on the Olympic gravy train remains to be seen, but it's a good bet that both will be substantial, particularly for those who live o

Then there is the fact that the Olympic authorities have effectively bought laws to protect their "sponsors".

That, specifically, is why I called it the Olympics "scandal" in my original post: at least from what I can see from outside the UK, this whole fiasco is going to cause tremendous damage to the liberties of everyone in or around London (not to mention the enormous inconvenience and loss of revenue), while not many people seem to actually want it. But hey, who cares if it takes a medium-sized country's annual budget and a huge deal of effort to accomplish something few people actually want, if those few peop

It sounds like we agree on a lot here. I think the basic problem is that the Olympics is assumed to be a long term benefit that justifies the costs (financial and otherwise) and risks inherent in being the host nation. However, the Olympic legacy for past hosts has been, at best, hit and miss, and it's not clear at all that any benefits we might achieve in the long run would have been lost had we told them to shove it when they started buying laws and so on. There is a reality distortion field somewhere aro

Such as any jet aircraft on the approach to Heathrow that deviate at the last second and start heading to East London, arriving at the Olympic Stadium around two minutes later.

Sure, a Typhoon could cover that distance rather quicker - but allow for the deviation detection, alerting, command and control overheads and other delays, the Typhoon's going to be barely airborne by the time 150,000 litres of high octane fuel are flash roasting 60,000 people.

The other countries in the UK are mostly insignificant, as England has a far greater population than the rest of them put together. Scotland is certainly #2, but the rest barely count, and are along for the ride. It's sorta like the US and Alaska; sure, they have a lot of land area up there, but they don't have much population (about 500k IIRC), so their opinions don't count for much among the rest of the USA.

That makes it worse. Rather than being a national policy decided by our elected representatives the Met is just doing it alone. Once they have it up and running all the other forces will want it too and have lots of nice statistics to show how effective it is. We will get it by the backdoor, in both senses of the phrase.

I bet, if you live in the UK, you probably also only take an umbrella with you when you leave home in the morning if it's raining right then. Otherwise, you leave it because you want to wait and see what happens.

Seriously, 'waiting to see what happens' rarely works for situations like this [expanding police powers, particularly when they are unchecked], because it is extraordinarily rare for those powers to then be revoked.

Sure. It's not as if they'd abuse stop and search laws to turn the entirety of London into a designated area forever and then search an order of magnitude more black kids using their dubiously acquired new powers. And the police certainly wouldn't do things like introducing a national number plate scanning system on our trunk road network without any real oversight and then presenting Parliament with a fait accompli. This is England, old boy, where we don't politicise the police force and that sort of thing

Actually, I a particularly English way, there is a separate force, City of London Police, for the City. But the City is quite small, and apart from St Paul's you'd be lucky to have anything a random outsider to London would consider London in it... Like Big Ben, Buckingham Palace etc... They are covered by the Met. The City Police cover the square mile and not much more.

London is a huge city, and its metro area takes up a sizeable fraction of the country of England (which easily dominates the UK politically). The metro area has 13.7 million people (8.7M in the "urban area" whatever that is, and 7.825M in the city proper (according to Wikipedia)), making it a very large city. According to my calculations, that means London has about 26% of England's population, and 22% of the UK's (showing that the rest of the UK really doesn't matter much compared to England, as England

Why yes, I HAVE been on the phone with Barack Obama recently, and YES I REALLY DID receive a phone call from the prime minister, only 15 minutes ago. So why don't you uncuff me and let me go before they call back?

Why yes, I HAVE been on the phone with Barack Obama recently, and YES I REALLY DID receive a phone call from the prime minister, only 15 minutes ago. So why don't you uncuff me and let me go before they call back?

Agreed, hack your phone. Install cyanogenmod + LUKS encryption for user data + sdcard, and you are good to go (it's all alpha quality for now, but possible. With more active users it could be made convenient). I wish meego/maemo/tizen would succeed so that we have some alternatives to this...

Of course, there are issues of UK police forcing you to hand over the encription keys (they have a legal right to do that in UK). And GSM/mobile network drivers are binary and probably a huge rootkit- your mobile can be forced to run any code by your mobile network operator. And your calls and texts are logged by mobile operators/government anyway. So you won't be able to hide much.

Of course, there are issues of UK police forcing you to hand over the encription keys (they have a legal right to do that in UK).

What would be nice is an encryption setup mode where you have your password/authentication plus 4k of random data (like a big salt). When you set up the encryption or subsequently boot the system decrypted, it regenerates the random data and re-encrypts the internal final decryption key with your password+new random salt. When you shut the phone down normally, the salt is saved in cleartext and you're ready to go upon next boot, but if you yank the battery or shut down in "panic mode", the salt isn't saved

You will be a sad panda the first time you drop you phone, or it kernel panics, or...

Perhaps better to have a system that will self-wipe the encryption headers on disk if it has been toggled into high paranoia mode and you haven't unlocked it in, say, the last two hours.

Of course, the LUKS based encryption should be fine against attacks even if they got the cipherdata. More likely, you have more to be concerned about wrt your carrier's data they have on your usage. Best first step there is to get a vpn serv

Under the moronic RIPA laws, they'd just throw you in jail for 5 years for being unwilling or unable to decrypt the data (they don't really care if you can or not and you'd struggle to prove that you couldn't).

Since I never use my phone's data connection, and am so quaint that all I have on it is my phonebook there is mischeif to be had. Easily possible to build a 300V flyback converter inside the case of an extended battery, and use that to provide +/- 300V on alternate output pins on the data connector. I defy the machine to cope with that.

When asked I'll tell them it's a security feature, and knowing the woodentops if you tell them before it won't work that'll make them more determined than ever yo pulg it in

As mentioned in some of the earlier comments, there is no such thing as the UK police, any more than there is a national US police force (Scotland may be legislating for a national police force soon enough though, however its legal system is entirely different from England/Wales and Northern Ireland. The Met may be a big force and anything London based tends to hog the news, but that does not mean it applies to anywhere in the UK other than London.

How do you know someone is a "suspect"? If there's already some other evidence, however light, that someone is a culprit (such as a witness statement), then fine, arrest him and take the phone, too.

Otherwise, I think this is just one of those circular reasoning things: he's a suspect because there might be incriminating information on his phone. We're checking his phone for incriminating information because he's a suspect. (Oh, and, he's a suspect beca

How do you know someone is a "suspect"? If there's already some other evidence, however light, that someone is a culprit (such as a witness statement), then fine, arrest him and take the phone, too.

That is how you determine someone is a suspect, you have some amount of evidence that is not enough to prove that the person is guilty of a crime.

Otherwise, I think this is just one of those circular reasoning things: he's a suspect because there might be incriminating information on his phone. We're checking his phone for incriminating information because he's a suspect. (Oh, and, he's a suspect because we suspect there might be incriminating information on his phone.)

No, how do you think a search warrant is issued? There has to be at least some evidence for the police to suspect that someone is involved in criminal activity, hence the term 'suspect' applied to such a person.

You take one quick look at them and assess whether or not they can pay for high priced lawyers. If they can, you immediately ignore them if they can't then they are suspect (rich vs poor). This really has nothing to do with skin colour apart from the assumption if they are coloured they are poor. How many coloured people in expensive suits did they molest, this is really blatantly all about a two class society rich verses poor and protecting the rich from the poor the rich create in order to exploit.

You must live in Texas or somewhere, there are black people in expensive suits that work in my building, racist. I guess you never heard of Bill Cosby or Barack Obama, either.

You should relize that racism is a tool of the rich to keep the poor whites and blacks at each others' throats so they don't wake up and realize who the real enemy is, don't you? No, I guess not; I know a few racists, but they're all knuckle-dragging morons.

Substitute your lies for factI see right through your plastic mackI look all white but my dad was blackMy Chinese suit is really made out of sack

I this were Israel he would be white, but most mixed race Americans I've known identified themselves as black. Fifty years ago he would have been a "mulatto" but that's probably politically incorrect these days.

The police could find someone standing over a dead body spattered in blood holding the hammer that fits the divot marks in the victims head, freely confessing to it and they would *still* be a suspect and no more.

They don't become a culprit, or rather a convict until the courts have had their say. Sadly there are too many coppers in the UK who think they are the law. They are the police - it's the magistrates and judges who are the law.

Usually it's because someone is found with a bunch of cocaine or a gun or something, and they then check the phone to see if they can find the source of the illicit objects. It won't be possible to just arrest someone without reason, and expect anything to come of it.

That is, if someone is found with cocaine, then you arrest him, and you also have/take his phone. That's fine.

What's not fine is the scenario I gave above --infodump someone's phone for no other reason that that there might be something incriminating on it. And in case you're wondering if that happens, yes it does. Remember the/. story on traffic police stopping people at a roadblock and just casually checking everybody's phones?

Carry the broken USB port model, and all's well unless the collection device uses a debug port(which requires the battery to be removed to access, also deactivating the SD slot on opening battery cover). In addition, the software stack allows for a lot to be altered, which can discourage people from poking at the data easily.

Maemo/Meego might be considered dead, but it puts the end user in enough control to be ahead of most of this stuff.

Yeah just FYI the broken USB port model is a PITA. Broke only a few days ago. Nearly made its 2nd birthday.:(

I'd be extremely surprised if a generic phone data extractor supported Maemo.Probably far too easy to delete on it anyway."Whoops I typed the wrong fdisk command because the handcuffs are too tight. Now my phone won't work until I reflash it."

Carry the broken USB port model, and all's well unless the collection device uses a debug port(which requires the battery to be removed to access, also deactivating the SD slot on opening battery cover). In addition, the software stack allows for a lot to be altered, which can discourage people from poking at the data easily.

I see an opportunity for an underground cottage-industry of those with electronics skills that will, for a fee, take a phone and hack it hardware- and software-wise to thwart such government/police snooping.

If nothing else, one could cut/remove the PCB copper traces that connect the data from the chips to the connectors/ports, necessitating a lengthy and expensive trip to an advanced electronics forensic facility for data extraction & decryption. Make the regular use of cellphone "data-slurpers" by LEAs

Everyday people often choose convinience over security. They forego data encryption, they have simple passwords, and they don't think twice about their privacy implications.

Criminals are often no different.

Of course, that's currently true. It will likely remain mostly true, even with the growing levels and abuse of government monitoring.

However, there *will* be some increase in the numbers of people...both criminals and others who are not criminals...who will become more security-aware because of increased intrusions and abuses, as well as the increased likelihood that they or someone they know has been personally negatively affected. I've seen two examples personally. I have two acquaintances who, each in di

Well, the screen resolution is barely adequate, the CPU struggles on many web pages, the battery life could definitely do with improvement, the operating system is a bit clumsy, the software support very poor relative to other mobile OS and the upgrade path non-existent.

Hell, I used mine for two years (without breaking the USB connector) and didn't recommend it to a single person. I've recommended my current phone to several people and it doesn't even have a hardware keyboard:(

Well, the screen resolution is barely adequate, the CPU struggles on many web pages, the battery life could definitely do with improvement, the operating system is a bit clumsy, the software support very poor relative to other mobile OS and the upgrade path non-existent.

On those problems:CPU: Overclocking can fix that.Battery: Double-size batteries do exist for the N900, extending the lifetime to a more friendly 8 hours.Software Support: CSSU, since it does a lot better than the N770/N8x0 days where neither had it.Upgrade path: The N9, or thank Elop for removing the possibility for future Meego models.

Overclocking the CPU still leaves it slower than the stock CPU in my current phone, and doesn't help battery life at all. And making the device too big to dot in my pocket isn't the answer there - plenty of portable devices needing a bag are significantly better than the N900.

I don't regret buying/owning one, I still have it, but it never had the chance. That form factor and build quality with a more modern screen (even 3 years has seen a significant improvement) and a properly supported OS would still attr

Unlike the phones of its time (2009), it was not a mass-market phone. It is a multitool for communications, as pre-Elop Nokia engineered & built them.

It was more open than Android, it was too unfriendly towards carriers, had features that were ahead of others(hardware keyboard, 32GB flash + SD slot), had integrated communications frameworks for various network types.

The case where I'd recommend an N900 is if one already has one - for there is no replacement that matches it in openness, form-factor, or

We need a kill gesture. Some way to immediately block access to the phone's info while the phone corrupts its information beyond readability. No signing in with a login code, just do *this* sequence of key presses or gestures, and the phone initiates its info-apoptosis. Why isn't there an app for this?

We need a kill gesture. Some way to immediately block access to the phone's info while the phone corrupts its information beyond readability. No signing in with a login code, just do *this* sequence of key presses or gestures, and the phone initiates its info-apoptosis. Why isn't there an app for this?

Do you really want an app that can wipe your phone? I'd hate to be a beta-tester.

Do you really want an app that can wipe your phone? I'd hate to be a beta-tester.

Aptitude has this neat feature, "-s" (simulate), where it goes through the motions of what it's going to do, reporting them all but not actually doing anything. Not that difficult.

I'm talking about verification.

Explain? If after running the app your data's not there,...

Still, it might be a lot simpler to just image your phone when you first get it, then panic mode slaps that image over the current image and reboots. You're now back to a vanilla, never used, phone with no "incriminating" data. May be better to add a few innocuous entries before taking the image to make it look less like it was just re-imaged.

Do you really want an app that can wipe your phone? I'd hate to be a beta-tester.

Aptitude has this neat feature, "-s" (simulate), where it goes through the motions of what it's going to do, reporting them all but not actually doing anything. Not that difficult.

I'm talking about verification.

Explain? If after running the app your data's not there,...

Still, it might be a lot simpler to just image your phone when you first get it, then panic mode slaps that image over the current image and reboots. You're now back to a vanilla, never used, phone with no "incriminating" data. May be better to add a few innocuous entries before taking the image to make it look less like it was just re-imaged.

My point is that if you have an app that can wipe your data, you sure don't want a bug in that app that might do the wipe when you don't want it to. The app needs to have some pretty global-thermonuclear-war-level permissions that I'm not sure I'd trust any developer to have.

You have one. Take the phone in both hands and smack it as hard as you can over the nearest hard object edge, in a motion trying to break it in 1/2.

Guarantee they will not recover any data from a phone you snapped the circuit board and smushed the battery so it started burning. But I also guarantee you will spend a few days in prison over the action. In the USA that action gets you waterboarded.

Um, this most likely won't smash the SD card unless you take it out and snap it in half (takes too long in scenario you described). And flash chips on the phone are likely to be also recoverable after re-soldering them onto another phone or a flash reader, and you cannot remove them as easily as SD card. Flash storage media is quite resistant to physical damage- there are stories about people recovering some data from SD cards after a nail has been driven through them.

Keep the phone in your trouser pocket. When stopped by the police immediately piss yourself (remember to keep your bladder full just in case) and "water" damage will kill it. Might be able to throw an intimidation charge at the cops too.

What the fuck makes you think the police will only use this device when the owner's committed a crime?

This is the Met we're talking about. A police force that thinks pre-emptive false imprisonment is for the public good, that needs media attention before it'll even investigate racism by its officers, that promotes the fucking bitch overseeing the murder of an innocent Brazilian, that lies to the media, that sells information to the media and that happily kicks shit out of British citizens because they dared

April came, UK internet starts being censored to protect companies that are still posting record profits while reducing their staffing head count and Avoiding taxes like every big company in the UK does lately. TPB is the big one but I am annoyed because this is the start of censoring based on what companies want over the requirements of the people that keep paying for this country. Funny thing 3 days ago we have the list of unfairly blocked websites, http://yro.slashdot.org/story/12/05/14/1816217/report-highlights-10-sites-unfairly-blocked-by-uk-mobile-internet-censorship?utm_source=commentcnt&utm_medium=feed [slashdot.org] to ANYONE that is reading this going but TPB was bad, well why is the UK censoring www.biased-bbc.blogspot.co.uk on UK mobiles as hate speech? We also have the Tory MP Claire Perry who is standing in front of MPs saying the internet should be opt in to stop kids seeing porn, yet when asked about sexual based images in her old new paper she blows that off as up to the editor and harmless. So on one hand this women is saying the UK people are too stupid and need an opt in system while saying that established new papers are free to do what they want. Double standards amaze me. and Let’s not forget that this women comes from a new paper as well, the new corp had their girl brooks in with the government, i guess it’s time that a few other papers try and mould some of the government.

Now we have the police stating they will rip a copy of your phone and we all know this will happen for the most minimal event. Get pulled over for speeding, "let me check you phone" your data will be pulled, all your contacts, all your images (with EXIF info because you would not have had time to clear it (EXIF can hold GPS data about where the photo was taken)) and it’s all going to be logged (did you know the UK police are only meant to keep your finger prints for a set time if you are not charged, to day this database has never once been trimmed:/) . I just spent 15 minutes looking for a way to encrypt the hard drive of my phone, seems i will have to jailbreak it to get the protection i want out of my hardware.

A few months ago I would have said the UK is in serious trouble, I think it’s become fcuked in a very short space of time, there is no national sprit, the unemployed are restless with no hope, my generation is being r@ped for every pounds the government can get to support an aging population. I have had to stop driving because the cost of petrol is so high; my food bills have gone up 20-25% in a year. My wages are not going up but the middle class tories just tell everyone it’s time to tighten your belts. I have nothing left to tighten. I am just under 30, only a few of my friends are on the housing market, the ones that are have all had help from their parents or grandparents. I do not know one person my age that went to uni and is now in a position to afford a house in the UK without the help of someone else (caste system take 2, you don’t have to do the job of your parent but you better hope they can support you while you find your profession). Funny stat i read yesterday, in the 1960s you could buy a house for 1.5 times the min annual salary, today that number is now 6-7 times the minwage in the UK. At this rate I will never own a house, I can barely afford to drive anywhere, and i am going to spend my whole life paying for a country that spent the money before I was even really in the job market. I mean i was at school and uni while labour was pushing billions in to the public sector to improve their stats. and now why am I paying for it? why were my parents giving a chance yet I am forced to work to pay for others errors.

omg this is just a rant:/ sorry

Finally I want to say one thing, I want to introduce a tax system based on ag

Now as for housing, have you considered talking to your local council? One potential upshot I've found out is that the government offers low-cost and "first-time buyers" housing. In my case I can get 60% off the value of a house, putting it at 3-4x my salary, which I actually have a shot at affording.

Lucky you. Unfortunately for me I'm a single white man with no children, which means my council considers me a cash cow.

The only people that can buy discounted housing are people living in council housing (or its housing association replacement). I'd have to change sex and adopt an Ethiopian before they'd give me a council house.

where the hell is all this terrorism that they need to stop? Soooooo ONE time a few guys flew some planes into some buildings... about 3000 died... tsunamis and earthquakes kill over 10000 people at a time.

Now that we have signed away all of our freedoms, the "terrorists" have officially won.

There is a new generation of openmoko phones in the works. These phones are much more trustworthy than closed phones with binary blob OS that has been tampered with by the network provider as well. As far as I know nobody has user friendly LUKS support, but it shouldn't be too hard to add. http://projects.goldelico.com/p/gta04-main/ [goldelico.com]

I suspect that one of the main uses of this will be at protests. By extracting cell phone data from protesters, and you can predict future protests as well as find all sorts of data to discredit the protesters.

Believe it or not, Apple has a defense against this built in to iOS 5.

The automated "read a suspect's cellphone tools" I've heard of work by performing a tethered jailbreak. After executing the jailbreak logic, they read the memory containing the security key, and brute force the simple 4 digit PIN, which then grants full access to the machine. The process takes from a few seconds to a few minutes.

The fix is to go into Settings / General / Passcode lock, and turn "Simple Passcode" to Off. Set a passcode

I'm proud to be an American, where at least I know I'm free.
To be gunned down in my house by the cops, when they come looking for me.
So I'll gladly give up all my rights, and betray the American way.
'Cause there ain't no doubt I don't wanna die, that's why I will obey.

I know you're making with the funnies, but yes, they do use these things, problem with using then is Ofcom's monitoring will flag them up for further investigation (encrypted transmissions being somewhat illegal in the UK).

Real Criminals in the UK use cheap PAYG mobile phones, as you can purchase them without having to provide any sort of ID (and they're smart enough to have other people to purchase them to avoid the old 'look-sir-we-have-you-on-camera-buying-a-phone-where-is-it?' questions if they're the s